Updates to build pipeline (microsoft#1454)

.azure-pipelines/azure-pipelines.yaml

@@ -36,7 +36,7 @@ stages:
     steps:
 
     # Install pipeline dependencies
-    - powershell: ./.azure-pipelines/pipeline-deps.ps1
+    - powershell: ./scripts/pipeline-deps.ps1
       displayName: 'Install dependencies'
 
     # Build module

.azure-pipelines/jobs/test.yaml

@@ -22,7 +22,7 @@ jobs:
   steps:
 
   # Install pipeline dependencies
-  - powershell: ./.azure-pipelines/pipeline-deps.ps1
+  - powershell: ./scripts/pipeline-deps.ps1
     displayName: 'Install dependencies'
 
   # Download module

.azure-pipelines/jobs/testContainer.yaml

@@ -28,7 +28,7 @@ jobs:
   steps:
 
   # Install pipeline dependencies
-  - powershell: ./.azure-pipelines/pipeline-deps.ps1
+  - powershell: ./scripts/pipeline-deps.ps1
     displayName: 'Install dependencies'
 
   # Download module

.github/dependabot.yaml

@@ -0,0 +1,42 @@
+#
+# Dependabot configuration
+#
+
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  # Maintain dependencies for NuGet
+  - package-ecosystem: 'nuget' # See documentation for possible values
+    directory: '/' # Location of package manifests
+    schedule:
+      interval: 'daily'
+    labels:
+      - 'dependencies'
+    reviewers:
+      - 'microsoft/psrule'
+    ignore:
+      # Ignore upgrades to PS 7.1 for tool chain components at this time
+      # Testing against PS 7.1 is already completed
+      - dependency-name: 'Microsoft.PowerShell.SDK'
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    labels:
+      - 'ci-quality'
+    reviewers:
+      - 'microsoft/psrule'
+
+  # Maintain dependencies for Python
+  - package-ecosystem: 'pip'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    labels:
+      - 'ci-quality'
+    reviewers:
+      - 'azure/psrule'

.github/workflows/analyze.yaml

@@ -12,11 +12,11 @@
 name: Analyze
 on:
   push:
-    branches: [ main, 'release/*' ]
+    branches: [main, 'release/*']
   pull_request:
-    branches: [ main, 'release/*' ]
+    branches: [main, 'release/*']
   schedule:
-  - cron: '24 22 * * 0' # At 10:24 PM, on Sunday each week
+    - cron: '24 22 * * 0' # At 10:24 PM, on Sunday each week
   workflow_dispatch:
 
 permissions: {}
@@ -29,22 +29,21 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Run PSRule analysis
-      uses: microsoft/ps-rule@main
-      with:
-        modules: PSRule.Rules.MSFT.OSS
-        prerelease: true
-        outputFormat: Sarif
-        outputPath: reports/ps-rule-results.sarif
+      - name: Run PSRule analysis
+        uses: microsoft/ps-rule@main
+        with:
+          modules: PSRule.Rules.MSFT.OSS
+          prerelease: true
+          outputFormat: Sarif
+          outputPath: reports/ps-rule-results.sarif
 
-    - name: Upload results to security tab
-      uses: github/codeql-action/upload-sarif@v2
-      with:
-        sarif_file: reports/ps-rule-results.sarif
+      - name: Upload results to security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: reports/ps-rule-results.sarif
 
   devskim:
     name: Analyze with DevSkim
@@ -54,7 +53,6 @@ jobs:
       contents: read
       security-events: write
     steps:
-
       - name: Checkout
         uses: actions/checkout@v3
 
@@ -76,17 +74,16 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: 'csharp'
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: 'csharp'
 
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/build.yaml

@@ -0,0 +1,143 @@
+#
+# CI Pipeline
+#
+
+# NOTES:
+# This workflow builds and tests module updates.
+
+name: Build
+on:
+  push:
+    branches: [main, 'release/*']
+  pull_request:
+    branches: [main, 'release/*']
+  workflow_dispatch:
+
+env:
+  DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
+
+permissions: {}
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 7.x
+
+      - name: Install dependencies
+        shell: pwsh
+        timeout-minutes: 3
+        run: ./scripts/pipeline-deps.ps1
+
+      - name: Build module
+        shell: pwsh
+        timeout-minutes: 5
+        run: Invoke-Build -Configuration Release -AssertStyle GitHubActions
+
+      - name: Upload module
+        uses: actions/upload-artifact@v3
+        with:
+          name: Module
+          path: ./out/modules/PSRule/*
+          retention-days: 3
+          if-no-files-found: error
+
+      # - name: Upload Test Results
+      #   uses: actions/upload-artifact@v3
+      #   if: always()
+      #   with:
+      #     name: Module.DotNet.TestResults
+      #     path: ./reports/*.trx
+      #     retention-days: 3
+      #     if-no-files-found: error
+
+      - name: Upload PSRule Results
+        uses: actions/upload-artifact@v3
+        if: always()
+        with:
+          name: Module.PSRule.TestResults
+          path: ./reports/ps-rule*.xml
+          retention-days: 3
+          if-no-files-found: error
+
+  test:
+    name: Test (${{ matrix.rid }}-${{ matrix.shell }})
+    runs-on: ${{ matrix.os }}
+    needs: build
+    permissions:
+      contents: read
+
+    strategy:
+      # Get full test results from all platforms.
+      fail-fast: false
+
+      matrix:
+        os: ['ubuntu-latest']
+        rid: ['linux-x64']
+        shell: ['pwsh']
+        include:
+          - os: windows-latest
+            rid: win-x64
+            shell: pwsh
+          - os: windows-latest
+            rid: win-x64
+            shell: powershell
+          - os: ubuntu-latest
+            rid: linux-x64
+            shell: pwsh
+          - os: ubuntu-latest
+            rid: linux-musl-x64
+            shell: pwsh
+          - os: macos-latest
+            rid: osx-x64
+            shell: pwsh
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 7.x
+
+      - if: ${{ matrix.shell == 'pwsh' }}
+        name: Install dependencies (PowerShell)
+        shell: pwsh
+        timeout-minutes: 3
+        run: ./scripts/pipeline-deps.ps1
+
+      - if: ${{ matrix.shell == 'powershell' }}
+        name: Install dependencies (Windows PowerShell)
+        shell: powershell
+        timeout-minutes: 3
+        run: ./scripts/pipeline-deps.ps1
+
+      - name: Download module
+        uses: actions/download-artifact@v3
+        with:
+          name: Module
+          path: ./out/modules/PSRule
+
+      - if: ${{ matrix.shell == 'pwsh' }}
+        name: Test module (PowerShell)
+        shell: pwsh
+        timeout-minutes: 15
+        run: Invoke-Build TestModule -Configuration Release -AssertStyle GitHubActions
+
+      - if: ${{ matrix.shell == 'powershell' }}
+        name: Test module (Windows PowerShell)
+        shell: powershell
+        timeout-minutes: 30
+        run: Invoke-Build TestModule -Configuration Release -AssertStyle GitHubActions

.github/workflows/dependencies.yaml

@@ -8,7 +8,7 @@
 name: Dependencies
 on:
   schedule:
-  - cron:  '30 1 * * 1' # At 01:30 AM, on Monday each week
+    - cron: '30 1 * * 1' # At 01:30 AM, on Monday each week
   workflow_dispatch:
 
 env:
@@ -25,7 +25,6 @@ jobs:
       contents: write
       pull-requests: write
     steps:
-
       - name: Checkout
         uses: actions/checkout@v3
         with:

.github/workflows/docs.yaml

@@ -5,11 +5,11 @@
 # NOTES:
 # This workflow generates and published the documentation site https://microsoft.github.io/PSRule/.
 
-name: Build and deploy docs
+name: Docs
 on:
   push:
     branches:
-    - main
+      - main
   workflow_dispatch:
 
 permissions: {}
@@ -21,7 +21,6 @@ jobs:
     permissions:
       contents: write
     steps:
-
       - name: Checkout
         uses: actions/checkout@v3
         with:

.github/workflows/first-interaction.yaml

@@ -19,9 +19,8 @@ jobs:
       issues: write
       pull-requests: write
     steps:
-
-    - uses: actions/first-interaction@v1
-      with:
-        repo-token: ${{ secrets.GITHUB_TOKEN }}
-        issue-message: 'Thanks for raising your first issue, the team appreciates the time you have taken 😉'
-        pr-message: 'Thank you for your contribution, one of the team will evaluate shortly.'
+      - uses: actions/first-interaction@v1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          issue-message: 'Thanks for raising your first issue, the team appreciates the time you have taken 😉'
+          pr-message: 'Thank you for your contribution, one of the team will evaluate shortly.'